mu1parametrostur.exe

ParĂ¢metros Gerais

www.microuniversity.com.br

This is a setup program which is used to install the application. The file has been seen being downloaded from dc541.4shared.com and multiple other hosts.
Publisher:
www.microuniversity.com.br

Product:
Parâmetros Gerais

Description:
Parâmetros Gerais ( Módulo Turma )

Version:
1.00.0002

MD5:
32fa94e4914cff363841b7144ff63c2e

SHA-1:
0a0e468e4f8c1df1381a0a614d22218be7ec9ea6

Scanner detections:
1 / 68

Status:
Clean  (1 probable false positive detection)

Explanation:
This is mosty likely a false positive detection, the file is probably clean.

Analysis date:
11/5/2024 11:29:00 AM UTC  (today)

Scan engine
Detection
Engine version

Rising Antivirus
PE:Trojan.VBInject!1.64FA
23.00.65.16517

File size:
368 KB (376,832 bytes)

Product version:
1.00.0002

Original file name:
mu1parametrostur.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\Documents and Settings\{user}\Local settings\temporary internet files\content.ie5\{random}\mu1parametrostur.exe

File PE Metadata
Compilation timestamp:
11/8/2014 12:22:24 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
6.0

CTPH (ssdeep):
3072:seLt6T42Q6O9yXjiKm8c7gxwtqciodm6n+0AESWPF7kZqxAWRRYsGxkpxxkpexOr:JBc1mKmP0Rciodm6n9/SWN7kZKYsO

Entry address:
0x23D8

Entry point:
68, 5C, CF, 42, 00, E8, F0, FF, FF, FF, 00, 00, 00, 00, 00, 00, 30, 00, 00, 00, 40, 00, 00, 00, 00, 00, 00, 00, 98, 23, BD, 69, BD, FB, B3, 47, 9F, 39, AA, 54, 9B, DD, E0, 15, 00, 00, 00, 00, 00, 00, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 50, 72, 6F, 6A, 65, 63, 74, 31, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, FF, CC, 31, 00, 2B, D8, 09, 8E, E6, 71, 15, E7, 47, B8, C5, 1E, C9, 23, BF, 76, F0, 93, D9, DB, A7, 70, DA, 77, 43, 81, 1E, 73, AE, D2, 1B, 76, 1F, 3A, 4F, AD, 33, 99, 66, CF, 11, B7, 0C, 00...
 
[+]

Developed / compiled with:
Microsoft Visual Basic v5.0

Code size:
336 KB (344,064 bytes)

The file mu1parametrostur.exe has been seen being distributed by the following 2 URLs.

Scan mu1parametrostur.exe - Powered by Reason Core Security